POEX is a library to access, load and manipulate PE (Portable Executable) files.
-
Updated
Apr 1, 2023 - C++
POEX is a library to access, load and manipulate PE (Portable Executable) files.
x86-64 executable creation example
A lib to distinguish a shared library from an executable. Mostly for ELF, but some rudimentary (file name extension-based) support of windows was added.
The reverse-engineering tool for Windows executables
GetTyp/GetType/GT2 - legacy file format detector
A Virus to encourage veganism and deter against eating meat.
Heuristically recover relocations and imports from module memory dumps
A DLL that performs IAT hooking
Cross-platform library for parsing and building PE\PE+ formats
SDA is a rich cross-platform tool for reverse engineering that focused firstly on analysis of computer games. I'm trying to create a mix of the Ghidra, Cheat Engine and x64dbg. My tool will combine static and dynamic analysis of programs. Now SDA is being developed.
PE32 (x86) and PE32+ (x64) binaries analysis tool, resources viewer/extractor.
Library for parsing internal structures of PE32/PE32+ binary files.
A bunch of parsers for PE and PDB formats in C++
Persistent IAT hooking application - based on bearparser
Principled, lightweight C/C++ PE parser
The BEST DLL Injector Library.
A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
Portable Executable reversing tool with a friendly GUI
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Add a description, image, and links to the pe-format topic page so that developers can more easily learn about it.
To associate your repository with the pe-format topic, visit your repo's landing page and select "manage topics."